Featured Articles

Intel releases tiny 3G cell modem

Intel releases tiny 3G cell modem

Intel has released a 3G cellular modem with an integrated power amplifier that fits into a 300 mm2 footprint, claiming it…

More...
Braswell 14nm Atom slips to Q2 15

Braswell 14nm Atom slips to Q2 15

It's not all rosy in the house of Intel. It seems that upcoming Atom out-of-order cores might be giving this semiconductor…

More...
TSMC 16nm wafers coming in Q1 2015

TSMC 16nm wafers coming in Q1 2015

TSMC will start producing 16nm wafers in the first quarter of 2015. Sometime in the second quarter production should ramp up…

More...
Skylake-S LGA is 35W to 95W TDP part

Skylake-S LGA is 35W to 95W TDP part

Skylake-S is the ‘tock’ of the Haswell architecture and despite being delayed from the original plan, this desktop part is scheduled…

More...
Aerocool Dead Silence reviewed

Aerocool Dead Silence reviewed

Aerocool is well known for its gamer cases with aggressive styling. However, the Dead Silence chassis offers consumers a new choice,…

More...
Frontpage Slideshow | Copyright © 2006-2010 orks, a business unit of Nuevvo Webware Ltd.
Friday, 07 June 2013 09:10

Android malware proves nasty

Written by Nick Farrell

Obad news

Android has been hit by a nasty new malicious program dubbed Obad which exploits glitches in Google’s mobile operating system. Kaspersky Lab’s research blog, malware researcher Roman Unuchek called the newly discovered Trojan the “most sophisticated” malicious program yet detected that works with Android phones. He said that the Trojan had advanced features, including complex obfuscation techniques.

This made it difficult to look at the code. It also uses a previously unknown vulnerability in Android that allowed it to take control of and maintain a foothold on infected Android devices. Kaspersky has contacted Google regarding the malware and the alleged vulnerabilities in Android. The malware, dubbed Backdoor.AndroidOS.Obad.a, is described as a “multi function Trojan.” It is an SMS Trojan, whichsends short message service (SMS) messages to premium numbers. SMS Trojans are the most common form of mobile malware.

According to the report, the Obad authors discovered and exploited a previously unknown vulnerability in the Android OS relating to how Android processes a file called AndroidManifest.xml, a standard component of all applications that describes the application’s structure and operation to the operating system. According to Kaspersky, Obad ”modifies AndroidManifest.xml in such a way that it does not comply with Google standards, but is still correctly processed on a smartphone.”

A second vulnerability allowed Obad’s authors to obtain extended Device Administrator privileges on infected devices, without appearing on the list of applications which have such privileges. As a result, Unuchek said that it wasn’t possible to delete Obad from the infected Android device after it gained the extended privileges.

Obad malware collects a wealth of information from the device, which is passed back to Internet-based command and control (C&C) servers, Kaspsersky said.

blog comments powered by Disqus

 

Facebook activity

Latest Commented Articles

Recent Comments